DKIM Is Done

This was posted to the IETF DKIM Working Group mailing list this morning:

The dkim working group has completed its primary charter items, and is officially closing. The mailing list will be retained for future discussions involving dkim. The list archive will also be retained.

The dkim working group was primarily focused on DomainKeys Identified Mail (DKIM) Signatures and DomainKeys Identified Mail (DKIM) Author Domain Signing Practices (ADSP) (RFC 5617). We applaud the working group for progressing DomainKeys Identified Mail (DKIM) Signatures from proposed standard (RFC 4871) to Draft Standard (RFC 6376). The working group also produced the following Informational RFCs: Analysis of Threats Motivating DomainKeys Identified Mail (DKIM) (RFC 4868), DomainKeys Identified Mail (DKIM) Service Overview (RFC 5585), Requirements for a DomainKeys Identified Mail (DKIM) Signing Practices Protocol (RFC 5016), and DomainKeys Identified Mail (DKIM) Development, Deployment, and Operations (RFC 5863). The proposed standard DKIM And Mailing Lists (RFC 6737) was the final RFC produced by the working group.

Click to expand...

What does this mean for DKIM-the-protocol?

DKIM as a protocol is finished and stable. Itâ€™s possible that there could be an incompatible â€œDKIM version 2***8243; in the future, but itâ€™s fairly unlikely. Itâ€™s also possible that thereâ€™ll be a clarification of the existing spec in the future, if someone flushes out some bugs or inconsistencies while theyâ€™re implementing it, but that wonâ€™t break any existing usage.

If you want to attach an identifier to mail you send, or you want to use those identifiers to handle whitelisting or reputation-tracking or to drive domain-based feedback loops for mail you receive, DKIM is the way to do it.

Whatâ€™s left to do?

DomainKeys Must Go

DomainKeys was the forerunner to DKIM. Itâ€™s been obsolete for several years and at this point nobody should be signing with it (or paying any attention to DomainKeys signatures). Iâ€™ve seen several cases recently where attempting to support both DomainKeys and DKIM lead to operational problems with the DKIM signing. Itâ€™s dead, let it go.

Good operational practices for signing with DKIM

This is the big bit of work left to do. While verifying a DKIM message and extracting the d= identifier from it is very well-defined, how best to sign with DKIM â€“ including how best to do key management, key delegation and what DKIM options to use when signing â€“ still hasnâ€™t crystallized. Our suggestions for that are here: www.dkimcore.org
Configuration API support in smarthosts

While messages can be signed with DKIM anywhere in the mail pipeline theyâ€™re almost always signed at the sender smarthost. Many of the smarthosts added DKIM support by evolving the code they already had to sign with DomainKeys, which was a good engineering decision at the time. But DKIM is a much more flexible protocol than DomainKeys was, yet Iâ€™m told some of the smarthosts havenâ€™t evolved far enough and only really support a â€œDomainKeys-like subsetâ€ of DKIM. Limited APIs like that reduce your flexibility in how you deploy DKIM, and will mean you canâ€™t even try some of the smarter ways to use it.

As a minimum, your smarthost should be able to sign a message with any arbitrary private key / d= value pair rather than being tied to any email address or domain in the email headers. If it canâ€™t do that, itâ€™s not really supporting DKIM. If it can sign a message twice or three times efficiently â€“ while processing the body of the message just once â€“ thatâ€™s a DKIM feature thatâ€™s likely to be useful for ESPs.

Some sort of API to allow key management automation (deployment, delegation, rotation and invalidation) would make rich DKIM use much easier to deploy at scale, but I donâ€™t know if anyone has looked at that sort of support in smarthosts yet. Anyone know?

Semantics

Thereâ€™s still some misunderstanding about what some elements of DKIM mean.

What is the identity that DKIM conveys? (Usually the â€œd=â€ field, though the additional information in the â€œi=â€ field might sometimes be part of that too).

What does the selector mean? (Absolutely nothing! If you try and claim it does, youâ€™re doing it wrong. Itâ€™s intended for key rotation and key delegation, and attempting to use it for anything else will make key management harder, and likely end up making the signature less secure).

What do multiple signatures mean? (That it was signed by each of those domains. None is more important than the others, and thereâ€™s no â€œprimaryâ€ signing domain. What you do with that information is a whole other thing, though).
What about ADSP?

ADSP is effectively dead. The discussions that happened as part of itâ€™s development, and the results (both good and bad) of limited testing with it will probably lead to something with similar goals in the near future â€“ more limited in scope, probably, but less fundamentally flawed.

Whence SPF?

SPF isnâ€™t dead, by any means. I expect some mail recipients will check both DKIM and SPF for the near future (though Iâ€™ve heard some interesting discussion about receivers keeping a local cache of DKIM results correlated with sending IP which may end up replacing one common SPF-based performance hack).

And whatâ€™s next?

Thanks to everyone involved in the DKIM specification process for creating this unobtrusive, robust way of attaching an identity to an email!

Itâ€™s going to be interesting to see what features people build on top of the DKIM foundation.